Lab Sheet

Lab 6: Remote Address Resolution

In this lab we will look at some mechanisms of address resolution aside from ARP

DNS

Set up a NetXray Advance Filter that only captures DNS packets. Remember that DNS uses UDP so you will have to "drill down" appropriately through the IP protocols.
Start a capture
Bring up a DOS box
Use ping 141.132.64.2 to ping a host by IP Address. Were any packets captured Why not
Use ping krause.ballarat.edu.au to ping the same host, but using a name instead.
View the capture buffer and answer these questions:
How big is the UDP header How does this compare with the TCP header you have been seeing ( you could open ftp.cap to see a TCP header )
Test the hypothesis I presented in the lecture about using a "." at the end of a name to speed resolution. If it is not seeming to be true look inside the DNS packets to try and find the reason.
To do this expand the QUESTION section of the DNS Header in your request to see what was being asked

DHCP

This exercise will not work if your are using a dial in connection at home.

Set up a NetXray Advanced Filter that only captures BOOTP packets ( BOOTP is the "father" of DNCP and can be found under IP/UDP in the filter setting screen )
Start a capture
Run WINIPCFG. Note your current IP address.
Use Release followed by Renew to refetch your IP address from the DHCP server.
View the capture and answer the following:
Find the packet which signalled the Release and note what the desetination IP address is. Your PC know the IP address of the DHCP server - how might it have discovered this
Find the packet that corresponds to the Renew - DHCP call this a Discover packet.
What is the IP source address of this packet & why
What is the MAC destination address of this packet Is this packet likely to be forwarded by a router
What is the IP destination address of this packet
Look at the DHCP reply packet and notice all the different pieces of information that are being returned by the server. Look into the Network Control Panel on your machine ( Select the TCPIP protocol and click on Properties ) and see where these settings would go if they were manually configured. Use the More Info button in WINIPCFG to see the setting you have been given.